The European Court of Justice has ruled that Facebook, or any Internet company, can be forced to remove content worldwide. The ruling has far-reaching implications in which a government can demand a post, Tweet, or other content to be removed that the government does not agree with.
The ruling involves a case brought to the courts by Eva Glawischnig-Piesczek who requested that the company remove comments about her posted on a person's page. She brought the claim to Austrian courts, which found that the comments hurt the politician's reputation and defamed her.
Facebook must remove the information and block access to the information worldwide, according to the ruling by the European Court of Justice.
Facebook's lawyers claim that the ruling undermines the principle that laws on speech cannot be imposed on another country.
Facebook has remained in the spotlight in recent months over privacy practice concerns. The Department of Justice opened a criminal investigation into the company over the Cambridge Analytica scandal, which allowed access to 87 million people's personal preferences during the 2016 election.
Subpoenas involving the company's data sharing agreements with device makers also put the company into the crosshairs in New York's Eastern District. Facebook reportedly allowed device and phone manufacturers greater access to user's personal information than they allowed to app developers. The company made an exception to the restrictions it imposed on data to the manufacturers, leading to the investigation.
"Facebook is subject to a 2012 FTC settlement agreement where it agreed to maintain records of its privacy practices for the FTC to regularly review. If these investigations discover the company filed false information with the FTC, Facebook could be facing criminal charges," explains Los Angeles criminal defense attorney Tsion Chudnovsky.
To actually convict for criminal charges, prosecutors would have to prove beyond a reasonable doubt that company officers "knowingly and willfully" provided false statements to the FTC, according to Chudnovsky. This strict legal standard would be difficult to meet.
Facebook has also been fined $282,000 by Turkish authorities this week due to a violation of data protection laws. The violation impacted nearly 300,000 people. The breach allowed for a person's name, location, search history, date of birth and additional information to be made available. The investigation did not say what happened to the data after it was retrieved, but an investigation did find that Facebook never informed the board about errors in the company's applications.
Facebook will have to spend an additional $202,000 for failing to report the privacy breach to authorities. The company previously had to pay a total of 1.65 million lira in a separate privacy breach, or roughly $290,000. The total for the most recent privacy breach comes in at just over $281,000.
Europe has much more restrictive privacy laws than the United States. The EU's "right to be forgotten," established by European courts in 2014, gives European Union citizens the right to request that links containing personal information about them be removed from internet search results.
The European Union implemented GDPR privacy laws in May 2018 to protect EU citizens from privacy and data breaches. The sweeping regulations affect any company that stores or processes personal information about EU citizens.
The company's Facebook and WhatsApp platforms will also be forced to share encrypted messages with British police when information is requested as part of an investigation.
